package com.grand.security.distributed.uaa.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

	@Bean
	public AuthenticationManager authenticationManagerBean() throws Exception {
		return super.authenticationManagerBean();
	} // 安全拦截机制（最重要）

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.csrf().disable() // 禁用跨域保护，即可以发起跨域请求
			.authorizeRequests()
			.antMatchers("/r/r1").hasAnyAuthority("p1")
			.antMatchers("/login*").permitAll()
			.anyRequest().authenticated()
			.and()
			.formLogin();
	}
}
